Today's mobile devices such as smart phones and tablets face unique security issues, some of which go hand in hand with mobility. Enterprises, military, and intelligence agencies (collectively referred to herein as “organizations”) are all grappling with their users' use of mobile devices as many users are carrying out both business as well as personal activities on their mobile devices. This can be problematic even if a Bring Your Own Device (“BYOD”) device policy is in place.
BYOD can raise serious security issues when a user's personal device is used to access both non-sensitive and sensitive (and sometimes risky) networks and/or services. For example, if an employee uses his personal smartphone to access a company network and then loses that phone, untrusted parties could retrieve any unsecured data on the phone. Another type of security breach occurs when an employee leaves a company, she does not have to give the company back her personal device, so company-owned applications and other data may still be present on her personal device. A challenging but important task for organizations that utilize BYOD is to develop a policy that defines exactly what sensitive company information needs to be protected and which employees should have access to this information, and then to educate all employees on this policy. Commercial carriers are normally relied upon for implementing the security requirements of an organization's BYOD policy.
Because of Internet-based risks, some very risk-averse organizations issue devices specifically for Internet use (this is termed “Inverse-BYOD”), providing unfiltered access to the Internet and reserving filtered, sensitive network data for use within a secured, private network. However, this means that a user likely has to carry multiple devices (including one for his personal use) and organizations do not have a sure way of preventing the user from using his personal mobile device to communicate non-sensitive but company-related information. As such, organizations continue to search for solutions that allow mobile services to be delivered or shared within a single device, rather than having to issue their users multiple devices or separate devices for their personal use and locking them into private networks.
Finding viable solutions to handle mobile devices can be particularly challenging for organizations that operate in high assurance computing environments. A high assurance computing environment is one that provides a certain level of assurance as to its behavior, useful in ensuring a level of secrecy for classified information. For instance, a high assurance operating system may permit only certain certified applications to access a particular portion of a memory on a device where sensitive information is stored. However, this does not prevent the physical device itself to become suspect—how it was built, who has handled it from manufacturing through use, how it is used by the user, etc. Moreover, the device could be physically accessed or otherwise compromised in many ways. For instance, information stored or cached on a mobile device could be accessed while its owner is away (e.g., left on the table at a restaurant or on their desk at work, stolen, or lost) or the user may have downloaded an infected application or could be sent an infected document via email or instant messaging, or accessed an infected service.
Because a mobile device lives in a hostile world, securing the physical device itself (e.g., via Tempest hardware, encrypted storage, biometrics, etc.) is not enough and can be very expensive to do a thorough job. Even so, infiltration from any portion of the stack—from the chips to the software that is installed to the data the device receives—still leaves the device vulnerable to attacks from well-funded, motivated, adversaries. Attempts to provide the level of separation needed within the actual device face many challenges, and at best are likely to become a very expensive niche proposition in the overall commercial mobility ecosystem.
In view of unique challenges in incorporating mobile devices such as smart phones and tablets into secure computing environments, there is room for innovations and improvements. One area in need of improvement relates to the performance of the mobile devices when they are used in areas that are remotely located from the particular servers that they normally access. Ideally, a mobile device will connect to a particular server through a network in a manner that minimizes the latency of communications between the mobile device and the server. When the mobile device is closer to the particular server, communications between them generally traverse fewer network interconnects, and the latency in the communications is generally lower. As the geographic distance increases, communications have to traverse more network interconnects, and the latency in the communications increases.
A low communications latency is important in the use of mobile devices that interact with a remote, private server because there is a user expectation that the mobile devices will be as responsive when interacting with the remote server as if they were operating solely based on information stored within the mobile device. This is particularly true when the mobile devices are acting as user interface devices for functions that are performed on the server, but are intended to appear as if they are being performed on the mobile device itself. For instance, if a remote server hosts a virtual device, rendering each action of a user experience and then transferring the corresponding renderings to the user to be displayed on a mobile device, the actions as viewed by the user are delayed by the latency of the communications. As the communications latency between the mobile device and the remote server increases, the mobile device appears to be less responsive, and the user's experience with the device becomes less satisfying. At some point, the latency may become so high that the user experience becomes frustrating, and the user may even consider the mobile device to be unusable.
This issue is especially important in this type of system when a user is roaming in an area that is relatively distant from the server that hosts the virtual device. While network communications may be fast enough that a user may not notice a difference in latency at different points within a city or state, or even a country, latencies are likely to increase substantially when a user travels to a different country or continent. Since this is becoming increasingly common, particularly for business travelers, the effects of latency on the user experience that is presented on the mobile device can be a serious problem. For example, if a person uses the mobile device in the US and the server is in the US, the mobile device may normally connect to the server through the internet or another network with reasonably low latencies. If, however, the user travels to Europe or Asia, connecting to the US-based server may involve unacceptable latencies. Although the US-based server could potentially be replicated in other countries, this would likely be a very inefficient solution to the problem, as many of the replicated resources would be used infrequently.
It would therefore be desirable to provide means to allow users to roam with their mobile devices, yet still have sufficiently low latencies in communications with a private network that the user experience is not degraded.